package com.demo.webapp.ui.access.impl;

import javax.servlet.http.HttpServletRequest;

import org.springframework.security.core.Authentication;

import com.demo.common.StringUtils;
import com.demo.webapp.ui.ComponentBase;
import com.demo.webapp.ui.access.PermissionsAdapter;

/**
 * 以角色授权的访问许可适配器
 * 
 * @author ryuu.kk
 *
 */
public class RolesPermissionsAdapter implements PermissionsAdapter<Authentication> {
	/** http请求 **/
	private HttpServletRequest request;
	
	public RolesPermissionsAdapter(HttpServletRequest request) {
		this.request = request;
	}
	
	@Override
	public boolean hasPermission(ComponentBase model, Authentication authentication) {
		// 默认是允许访问
		boolean isPermission = true;
		// permission属性优先,其次funid. 都不存时,访问可用
		if (StringUtils.isNotEmpty(model.getPermission())) {
			isPermission = request.isUserInRole(model.getPermission());
		} else {
			if (model.getFunid() != null) {
				isPermission = request.isUserInRole(model.getFunid().toString());
			}
		}
		
		return isPermission;
	}

}
